Setup of SAML and SCIM for Okta

About

Users of Okta can integrate with Insightly via SAML & SCIM and once setup has occurred in both Insightly and Okta, users can be provisioned. The process defined in this article will guide Insightly System Admins through the process of SAML & SCIM setup for Okta; this process works in tandem with the setup of SAML and SCIM within Insightly as detailed in the Setting Up SAML and SCIM Integrations article.

In this Article

• Requirements
• Supported Features
• Add the Insightly Integration and Configure SAML
• Configure SCIM

Requirements

• Must be on the Insightly Enterprise level plan to use SAML and SCIM.
• Must be an administrator in Insightly to configure SAML and SCIM settings.

Supported Features

• Using SAML, administrators can manage user access from a single place, and users can access different applications with a single login through an identity provider (IdP) like OneLogin, Okta, G Suite, Microsoft Outlook, or another IdP. This provides an organization with higher security and greater convenience.
• SCIM allows administrators to centrally provision and manage Insightly users through an Identity Provider (IdP) such as Okta or Azure Active Directory. SCIM aims to reduce the cost and complexity of user management in companies utilizing a multitude of cloud applications and services.

Add the Insightly Integration and Configure SAML

1. To add a new SAML application, navigate to the Insightly integration page in Okta.
2. Click Add Integration.
   
3. Via the General Settings, enter a name for the application in the Application label field. Click Next.
   
4. Within Insightly, navigate to System Settings > Security > SAML and SCIM. Copy the Sign-in Page URL field.
   1. For configuration of SAML within Insightly, the Setting Up SAML and SCIM Integrations article can be reviewed.
5. Via the Configure SAML step in Okta, paste the URL into the Sign-in page URL field.
6. Select the Email option in the Application username format dropdown field. Click Done.
   
7. To download the SAML certificate, navigate to the the Sign-on tab of the newly created app. Via the SAML Signing Certificates section, locate the first active certificate in the list. Click the Actions dropdown menu and select Download Certificate.
   
8. Within Insightly, navigate to System Settings > Security > SAML and SCIM, upload the certificate in the Verification Certificate field and click Save. For configuration of SAML within Insightly, the Setting Up SAML and SCIM Integrations article can be reviewed.
   

Configure SCIM

1. To configure SCIM for Okta, ensure that SCIM is enabled in Insightly by reviewing the Setting Up SAML and SCIM Integrations article.
2. Via the Provisioning tab of the Insightly application within Okta, click Configure API Integration.
   
3. Check the Enable API Integration checkbox. Paste in the SCIM Token into the API Token field.
   
4. Press Test API Credentials to verify that you have a valid token. Click Save.
   
5. Via the Provisioning tab, click Edit. To enable all supported SCIM operations, check the Enable checkboxes within the Create Users, Update User Attributes, and Deactivate Users sections. Click Save.
   
6. The supported attributes can be reviewed on Provisioning to App page, towards the bottom of the page. Please note that email and emailType are read-only fields.
   
7. Navigate to the Assignments tab. To assign users to the app, click the Assign dropdown and select Assign to People. Once a user has been assigned they will appear in Insightly shortly. Progress can be monitored in View Logs.